From aadefed1954c4066e0aea6ecfa945f68040d2a11 Mon Sep 17 00:00:00 2001 From: xdrm-brackets Date: Fri, 2 Mar 2018 09:27:58 +0100 Subject: [PATCH] [module.cas] Created callback (todo: store in SESSION) + [module.*] renamed all with lowercase API path --- build/api/module/casController.php | 76 +++++++++++++++++ ...yController.php => categoryController.php} | 2 +- ...xcelController.php => excelController.php} | 2 +- ...Controller.php => formationController.php} | 2 +- .../statsController.php} | 4 +- ...Controller.php => professorController.php} | 2 +- config/modules.json | 81 ++++++++----------- 7 files changed, 115 insertions(+), 54 deletions(-) create mode 100644 build/api/module/casController.php rename build/api/module/{CategoryController.php => categoryController.php} (92%) rename build/api/module/{ExcelController.php => excelController.php} (99%) rename build/api/module/{FormationController.php => formationController.php} (92%) rename build/api/module/{Professor/StatsController.php => professor/statsController.php} (94%) rename build/api/module/{ProfessorController.php => professorController.php} (99%) diff --git a/build/api/module/casController.php b/build/api/module/casController.php new file mode 100644 index 0000000..3561def --- /dev/null +++ b/build/api/module/casController.php 
@@ -0,0 +1,76 @@
+ The professor(s) data
+ *
+ ---------------------------------------------------------*/
+ public static function get($args){
+
+ // login: https://sso.univ-pau.fr/cas/login?service=http://ptut.com:8080/api/v/1.0/cas
+ // validate: https://sso.univ-pau.fr/cas/serviceValidate?ticket=***TICKET***&service=http://ptut.com:8080/api/v/1.0/cas
+
+ /* (1) Check validity
+ ---------------------------------------------------------*/
+ /* (1) Check origin */
+ // TODO
+
+
+ /* (2) Fail if no ticket */
+ if( !isset($_GET['ticket']) || !is_string($_GET['ticket']) || strlen($_GET['ticket']) < 1 )
+ return ['error' => new Error(Err::PermissionError, 'missing ticket')];
+
+
+
+ /* (2) Check ticket (validate)
+ ---------------------------------------------------------*/
+ /* (1) Build useful variables */
+ $service = 'http://ptut.com:8080/api/v/1.0/cas';
+ $ticket = urlencode($_GET['ticket']);
+ $validate_url = "https://sso.univ-pau.fr/cas/serviceValidate?ticket=$ticket&service=$service";
+
+ /* (2) Configure & Prepare CURL */
+ $ch = curl_init();
+
+ curl_setopt($ch, CURLOPT_URL, $validate_url);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+
+ /* (3) Execute CURL & Close it */
+ $output = curl_exec($ch);
+ curl_close($ch);
+
+ /* (4) Fail if not validated */
+ if( strpos($output, 'user') === false )
+ return ['error' => new Error(Err::PermissionError, 'invalid ticket')];
+
+ /* (5) Extract cas_login */
+ $cas_login = trim(strip_tags($output));
+
+ /* (6) Check empty */
+ if( strlen($cas_login) < 1 )
+ return ['error' => new Error(Err::PermissionError, 'cannot find cas login')];
+
+
+
+ return ['cas_login' => $cas_login ];
+
+ }
+
+}
\ No newline at end of file
diff --git a/build/api/module/CategoryController.php b/build/api/module/categoryController.php
similarity index 92%
rename from build/api/module/CategoryController.php
rename to build/api/module/categoryController.php
index 7a47427..fab1963 100644
--- a/build/api/module/CategoryController.php
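Review bot: The check at `/* (4) Fail if not validated */` accepts any response body that contains the substring `user`, so it cannot tell a CAS success document from a failure or error page, and `strip_tags($output)` then turns the whole body into `cas_login`. The response should be parsed as XML and the login read only from the `cas:user` element under `cas:authenticationSuccess`, with every other shape rejected; the fence shows that replacement for steps (4) and (5). `$service` is also interpolated into `$validate_url` without encoding and names an `http://` callback, so I would pass it through `urlencode()` and register the service over HTTPS. The top of the new file (namespace, `use` lines, class header) is not visible on this page, so the `Error`/`Err` names are taken as already imported.

```php
// … unchanged: steps (1) and (2), building $validate_url and configuring CURL …
$output = curl_exec($ch);
curl_close($ch);

/* (4) Fail if the response is not a well-formed CAS document */
$doc = new \DOMDocument();
$previous = libxml_use_internal_errors(true);
$parsed = is_string($output) && $output !== '' && $doc->loadXML($output, LIBXML_NONET);
libxml_use_internal_errors($previous);

if( !$parsed )
    return ['error' => new Error(Err::PermissionError, 'invalid ticket')];

/* (5) Extract cas_login from the success element only */
$xpath = new \DOMXPath($doc);
$xpath->registerNamespace('cas', 'http://www.yale.edu/tp/cas');
$users = $xpath->query('/cas:serviceResponse/cas:authenticationSuccess/cas:user');

if( $users === false || $users->length !== 1 )
    return ['error' => new Error(Err::PermissionError, 'invalid ticket')];

$cas_login = trim($users->item(0)->textContent);

// … unchanged: step (6) empty check and the final return …
```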
+++ b/build/api/module/categoryController.php @@ -11,7 +11,7 @@ namespace api\module; use database\core\Repo; -class CategoryController +class categoryController { public function get($args){ diff --git a/build/api/module/ExcelController.php b/build/api/module/excelController.php similarity index 99% rename from build/api/module/ExcelController.php rename to build/api/module/excelController.php index 2c3c398..6f6e1e2 100644 --- a/build/api/module/ExcelController.php +++ b/build/api/module/excelController.php @@ -21,7 +21,7 @@ use error\core\Err; use error\core\Error; use PhpOffice\PhpSpreadsheet\Exception; -class ExcelController +class excelController { private const startLineUE = 5; diff --git a/build/api/module/FormationController.php b/build/api/module/formationController.php similarity index 92% rename from build/api/module/FormationController.php rename to build/api/module/formationController.php index 14dfc9d..f2944f4 100644 --- a/build/api/module/FormationController.php +++ b/build/api/module/formationController.php @@ -11,7 +11,7 @@ namespace api\module; use database\core\Repo; -class FormationController +class formationController { public static function get($args){ diff --git a/build/api/module/Professor/StatsController.php b/build/api/module/professor/statsController.php similarity index 94% rename from build/api/module/Professor/StatsController.php rename to build/api/module/professor/statsController.php index f16e4f2..1566cef 100644 --- a/build/api/module/Professor/StatsController.php +++ b/build/api/module/professor/statsController.php @@ -6,13 +6,13 @@ * Time: 16:19 */ -namespace api\module\Professor; +namespace api\module\professor; use database\core\Repo; use database\repo\professor; -class StatsController{ +class statsController{ public static function get($args){ $idProf = 0; extract($args); 
diff --git a/build/api/module/ProfessorController.php b/build/api/module/professorController.php similarity index 99% rename from build/api/module/ProfessorController.php rename to build/api/module/professorController.php index bea813e..f2c8150 100644 --- a/build/api/module/ProfessorController.php +++ b/build/api/module/professorController.php @@ -14,7 +14,7 @@ use database\repo\professor; use error\core\Error; use error\core\Err; -class ProfessorController{ +class professorController{ /* (1) Returns 1 or all professors diff --git a/config/modules.json b/config/modules.json index e34a95d..7af412f 100644 --- a/config/modules.json +++ b/config/modules.json @@ -7,6 +7,34 @@ } }, + "cas": { + + "GET": { + "des": "Authenticatation callback (used by third-party OAuth)", + "per": [], + "par": {} + }, + + "POST": { + "des": "Login if not already authenticated", + "per": [], + "par": {} + }, + + "PUT": { + "des": "Check if authenticated", + "per": [], + "par": {} + }, + + "DELETE": { + "des": "Logout", + "per": [], + "par": {} + } + + }, + "release": { "GET": { @@ -21,7 +49,7 @@ } }, - "Excel":{ + "excel":{ "POST": { "des": "Import data from an Excel file", "per": [], @@ -30,7 +58,7 @@ } }, - "Professor":{ + "professor":{ "POST": { "des": "Creates a new professor", @@ -90,7 +118,7 @@ }, - "Stats": { + "stats": { "GET":{ "des": "Get statistics of the professor", "per": [], @@ -103,7 +131,7 @@ }, - "Formation": { + "formation": { "GET":{ "des": "Get all data about a formation", "per": [], @@ -113,7 +141,7 @@ } }, - "Category": { + "category": { "GET": { "des" : "Get all data about a professor category", "per": [], 
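Review bot: The new `cas` entry in the first `config/modules.json` hunk (`@@ -7,6 +7,34 @@`) declares `POST`, `PUT` and `DELETE` with `"per": []`, but the part of `casController.php` visible in this patch defines only `get()`, so those three verbs appear to be routable with no handler behind them. I would add each verb together with its controller method, or leave it out until the login, status and logout logic exists. The `GET` description reads `Authenticatation callback (used by third-party OAuth)` while the controller validates a CAS service ticket; `"des": "Authentication callback (CAS service-ticket validation)"` would describe it accurately. The remaining hunks on this line only rename module keys.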
@@ -121,48 +149,5 @@ "URL0":{"des" : "Id of the category", "typ": "id", "ren": "idCat", "opt" : true} } } - }, - - "a": { - - "b": { - - "c": { - "PUT": { - "des": "PUT A/B/C.", - "per": [], - "par": {} - }, - "DELETE": { - "des": "DELETE A/B/C.", - "per": [], - "par": {} - } - - }, - - "PUT": { - "des": "PUT A/B.", - "per": [], - "par": {} - }, - "DELETE": { - "des": "DELETE A/B.", - "per": [], - "par": {} - } - - }, - - "GET": { - "des": "GET A.", - "per": [], - "par": {} - }, - "POST": { - "des": "POST A.", - "per": [], - "par": {} - } } } \ No newline at end of file